Skip to main content

Asus System Control Interface

2 CVEs product

Monthly

CVE-2026-7480 HIGH This Week

Local privilege escalation in ASUS System Control Interface allows an authenticated low-privileged user to gain SYSTEM-level code execution by issuing a crafted RPC call that bypasses the component's validation logic. The flaw stems from incorrect permission assignment (CWE-732) on a critical resource exposed over RPC, and no public exploit identified at time of analysis. CVSS 4.0 scores it 7.3 with high attack complexity, indicating exploitation is non-trivial but yields full host compromise.

RCE Asus System Control Interface
NVD
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-3508 MEDIUM This Month

Out-of-bounds read in ASUS System Control Interface IOCTL handler allows local authenticated users to trigger denial of service via oversized read operations. A local user with limited privileges can supply a read size exceeding the allocated buffer, causing a system crash (BSOD). No public exploit code or active exploitation has been confirmed at this time.

Information Disclosure Buffer Overflow Asus System Control Interface
NVD VulDB
CVSS 4.0
6.8
EPSS
0.0%
EPSS 0% CVSS 7.3
HIGH This Week

Local privilege escalation in ASUS System Control Interface allows an authenticated low-privileged user to gain SYSTEM-level code execution by issuing a crafted RPC call that bypasses the component's validation logic. The flaw stems from incorrect permission assignment (CWE-732) on a critical resource exposed over RPC, and no public exploit identified at time of analysis. CVSS 4.0 scores it 7.3 with high attack complexity, indicating exploitation is non-trivial but yields full host compromise.

RCE Asus System Control Interface
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Out-of-bounds read in ASUS System Control Interface IOCTL handler allows local authenticated users to trigger denial of service via oversized read operations. A local user with limited privileges can supply a read size exceeding the allocated buffer, causing a system crash (BSOD). No public exploit code or active exploitation has been confirmed at this time.

Information Disclosure Buffer Overflow Asus System Control Interface
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy